Thanks for the quick response. I am currently working with smart cards and am using the engine provided by openSC to access the private key in the smart card. Long story short I have the EVP_PKEY object with me. Can I use this to sign a certificate or some file which can be used for SSL client verification.?
Merci
On Wednesday, 22 July 2015 11:52 AM, Erwann Abalea <erwann.abalea at opentrust.com> wrote:
Bonjour,
An X.509 certificate is:
Certificate ?::= ?SEQUENCE ?{? ? ? ? tbsCertificate ? ? ? TBSCertificate,? ? ? ? signatureAlgorithm ? AlgorithmIdentifier,? ? ? ? signatureValue ? ? ? BIT STRING ?}
What you produced with ? openssl rsautl -sign?? is the content of the ??signatureValue?? element (not its BIT STRING structure, only the inner content).What is missing is all the rest, and it can?t be produced by the sole ??openssl x509 ??? command.
Please refine your question.
Cordialement,Erwann Abalea
Le 22 juil. 2015 ? 11:17, Anirudh Raghunath <anirudhraghunath at rocketmail.com> a ?crit :
Hello,
I have used rsault -sign option to sign a text file which gives me a binary file. I would like to convert this to X509 so that I can use it in a ssl handshake. I understand the command:
openssl x509 -inform <format> -in <certfile> -out <cert.pem>?
is used. I want to know what the parameters would be for a binary input file.
Thanks in advance.?_______________________________________________
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150722/9f538bec/attachment.html>
